Hacker News new | past | comments | ask | show | jobs | submit login

Rarely mentioned, but Russia also tested the security of their (mobile signal networks) SS7 and Diameter systems Dec 16-17.

It never fails to amaze me how little attention is paid to these systems that can track, intercept and hijack the comms of mobile phone users of any country, internationally.




Maybe because it is what they themselves were successful in pwning in the West?

It is a long running rumor in Russian internet that Russian spies managed to tap UK politician phones with fake roaming requests in 2016.


The question is, why UK politicians didn't use encryption which is available to ordinary people? Like Signal or even Whatsapp.


Using encrypted VOIP will not do anything about SS7 hacks, as it will be your voice calls and SMSes that get rerouted, and remotely MIMed


You did answer, MITM doesn't work for Signal and WhatsApp, correct?


You could MITM Signal if you control the cell towers on either end. It would be visible, because the security number would change. But in my experience helping people set it up, very few users understand what those numbers are for, and what it means when they change. Most just mark them as verified immediately.


How does SS7 and Diameter hijack Signal app?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: